Emerson SM-Ethernet FTP Server Default Credentials

critical Nessus Plugin ID 87124

Synopsis

The remote device has an FTP account with default credentials.

Description

It was possible to log into the remote FTP server on the Emerson SCADA device by providing a set of default credentials. A remote attacker can exploit this to gain authenticated access.

Solution

Change the default password or block access to the port.

Plugin Details

Severity: Critical

ID: 87124

File Name: scada_emerson_sm_ethernet_ftp_default_credentials.nbin

Version: 1.59

Type: remote

Family: SCADA

Published: 12/1/2015

Updated: 5/20/2024

Supported Sensors: Nessus

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only